bitcoin-dev
Should Graftroot be optional?
Posted on: May 23, 2018 22:06 UTC
In a message on the Bitcoin development mailing list, Pieter Wuille asked whether practical deployment of Taproot and Graftroot would require explicit enablement or disablement of the Graftroot spending path.
One reply to the message suggested that requiring a flag to allow the usage of these features in a transaction could be a good idea. This would give users the ability to choose in advance whether the script will be static or "editable". The justification for this is that, if parties involved in signing a transaction collude, the original intent of a particular P2SH address may be circumvented, potentially breaking the purpose of the fund. The email suggests that the proposed scheme could include proof-requiring committed transactions, which would only pay out if certain conditions were met. If taproot / graftroot were used to withdraw funds despite this possibility not showing in the published script, it could be problematic. The author was simultaneously in favor of being able to have scripts where the usage of taproot / graftroot isn't visible in advance, but it must simultaneously be possible to prove a transaction ISN'T using it.